Without these policies I was getting a lot of different errors in CodePipeline like “The provided role does not have sufficient permissions to access ECS” or “The provided role does not have sufficient permissions (to access certain bucket)..